ICSA-21-336-08  ·  Published 2021-12-02

Hitachi Energy RTU500 series

CVSS 8.6 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to eavesdrop on traffic, retrieve information from memory, or cause a denial-of-service condition.

Remediations

  • RTU500 series CMU Firmware Version 11.*: This product version is end-of-life (EOL). Upgrade to a non-affected supported version. See below for the current mitigation strategy.
  • RTU500 series CMU Firmware Version 12.0.1 - 12.0.13: Update to RTU500 series CMU Firmware Version 12.0.14 (to be released by end-of-February 2022). See below for the current mitigation strategy.
  • RTU500 series CMU Firmware Version 12.2.1 - 12.2.10: Update to RTU500 series CMU Firmware as of Version 12.2.11
  • RTU500 series CMU Firmware Version 12.4.1 - 12.4.10: Update to RTU500 CMU Firmware as of Version 12.4.11 (to be released by end-of-January 2022). See below for the current mitigation strategy.
  • RTU500 series CMU Firmware Version 12.6.1 - 12.6.6: Update to RTU500 series CMU firmware as of Version 12.6.7. See below for the current mitigation strategy.
  • RTU500 series CMU Firmware Version 12.7.1: Update to RTU500 series CMU Firmware as of Version 12.7.2
  • RTU500 series CMU Firmware Version 13.0.1 - 13.0.2: Upgrade to the latest RTU500 series CMU Firmware as of Version 13.2.3. See below for the current mitigation strategy.
  • RTU500 series CMU Firmware Version 13.1.1 - 13.1.2: Upgrade to the latest RTU500 series CMU Firmware as of Version 13.2.3. See below for the current mitigation strategy.
  • RTU500 series CMU Firmware Version 13.2.1: Upgrade to the latest RTU500 series CMU Firmware as of Version 13.2.3. See below for the current mitigation strategy.
  • Physically protect process control systems from direct access by unauthorized personnel.
  • Do not directly connect to the Internet.
  • Separate from other networks by means of a firewall system that has a minimal number of ports exposed.
  • Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
  • Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
  • Please see Hitachi Energy advisory 8DBD000064 for additional mitigation and update information.
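
The version ranges in the list above can be applied to an asset inventory to decide which units need an update. This is an added example, not part of the advisory or of any Hitachi Energy tooling; the inventory rows, function names and status labels are constructed for illustration.

```python
import re

# (first affected, last affected, guidance), transcribed from the Remediations list.
AFFECTED_RANGES = [
    ((12, 0, 1), (12, 0, 13), "update to 12.0.14"),
    ((12, 2, 1), (12, 2, 10), "update to 12.2.11"),
    ((12, 4, 1), (12, 4, 10), "update to 12.4.11"),
    ((12, 6, 1), (12, 6, 6), "update to 12.6.7"),
    ((12, 7, 1), (12, 7, 1), "update to 12.7.2"),
    ((13, 0, 1), (13, 0, 2), "upgrade to 13.2.3"),
    ((13, 1, 1), (13, 1, 2), "upgrade to 13.2.3"),
    ((13, 2, 1), (13, 2, 1), "upgrade to 13.2.3"),
]
EOL_MAJOR = 11  # every 11.* release is listed as affected and end-of-life
EOL_ACTION = "EOL: upgrade to a non-affected supported version"

def parse_version(text):
    """Return a tuple of ints for 'X.Y' or 'X.Y.Z', otherwise None."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.(\d+))?\s*", text)
    if not m:
        return None
    return tuple(int(p) for p in m.groups() if p is not None)

def triage(version_text):
    """Classify one CMU firmware version as (status, guidance)."""
    v = parse_version(version_text)
    if v is None:
        return ("unparseable", "verify firmware version manually")
    if v[0] == EOL_MAJOR:
        return ("affected", EOL_ACTION)
    if len(v) != 3:
        # Without the patch level a 12.x/13.x unit cannot be placed in a range.
        return ("unparseable", "patch level needed to decide")
    for low, high, action in AFFECTED_RANGES:
        if low <= v <= high:  # tuple comparison is numeric, so 12.0.9 < 12.0.13
            return ("affected", action)
    # Only means the version is outside the ranges this advisory lists.
    return ("not-listed", "outside the ranges listed in this advisory")

# Constructed sample inventory (asset names and versions are made up).
INVENTORY = [("rtu-sub-a", "12.0.9"), ("rtu-sub-b", "12.0.14"),
             ("rtu-sub-c", "11.4.2"), ("rtu-sub-d", "13.2.1"), ("rtu-sub-e", "12.7")]

def triage_inventory(rows):
    return [(asset, ver) + triage(ver) for asset, ver in rows]

if __name__ == "__main__":
    for asset, ver, status, action in triage_inventory(INVENTORY):
        print(f"{asset:10} {ver:8} {status:12} {action}")
```
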

Affected Vendors

Hitachi Energy

Affected Products (9)

Hitachi Energy · RTU500 series CMU Firmware 12.2.*
Hitachi Energy · RTU500 series CMU Firmware 13.1.*
Hitachi Energy · RTU500 series CMU Firmware 13.0.*
Hitachi Energy · RTU500 series CMU Firmware 12.0.*
Hitachi Energy · RTU500 series CMU Firmware 12.6.*
Hitachi Energy · RTU500 series CMU Firmware 12.4.*
Hitachi Energy · RTU500 series CMU Firmware 11.*
Hitachi Energy · RTU500 series CMU Firmware 12.7.*
Hitachi Energy · RTU500 series CMU Firmware 13.2.1

Affected Sectors

Energy
